Articles about Malware

158 new malware created EVERY MINUTE

Malware monitors PandaLabs says 227,747 new malware samples are released every day. The findings from its recent survey found 20 million samples were created in the third quarter of 2014. Three quarters of infections were trojans while only 9 percent were viruses and 4 percent worms. The number of trojans rose 13 percent over …
Darren Pauli, 06 Nov 2014

FBI opens Malware Investigator portal to industry

The Federal Bureau of Investigation has released a formerly in-house malware-analysing portal to help speed up incident responses and help industry and law enforcement with investigations. The G-men hope the Malware Investigator portal can let businesses build responses to new malware without such heavy reverse-engineering …
Darren Pauli, 30 Sep 2014

Facebook cosies up to ESET for malware detection

Facebook, which earlier this year started partnering with F-Secure and Trend Micro for malware detection, has added Slovak vendor ESET to its suite of security products. The previous tie-ups, detailed here, are worth noting to put the new partnership in context. F-Secure and Trend both pointed Facebook users at their free online …

FACEPALM! HP cert used to sign malware

HP accidentally signed some malware, according to Krebs on Security. Krebs reports that the certificate was “used to cryptographically sign software components that ship with many of its older products”, mostly for PC software, but that back in 2010 it was also used to sign some malware. HP will therefore revoke the certificate …
Simon Sharwood, 12 Oct 2014

DeathRing: Cheapo Androids pre-pwned with mobile malware

A new mobile Trojan is being pre-loaded onto smartphones somewhere in the supply chain. DeathRing masquerades as a ringtone app and is impossible to remove because it’s pre-installed in the system directory, according to mobile security firm Lookout. Samples of the malware are restricted to entry-level phones purchased in Asian …
John Leyden, 04 Dec 2014

This Apple Mac has malware. How do I mop up?

Readers' Corner We all know that Macs don't get PC viruses. But they can and sometimes do get Mac viruses. Hence this terse request from Dewix in El Reg forums. Mother-in-law has managed to get malware on her Mac. Anyone recommend a no fuss AV? Somewhat sparse on the details, Dewix. Reg readers can you help? Recommendations here. Thank- …
Aaron Milne, 16 Jun 2014

jQuery site popped to serve malware slop

The jQuery site served credential-stealing malware to scores of users who visited the website on September 18, researcher James Pleger says. The super-popular JavaScript library was used by 30 percent of websites including 70 percent of the 10,000 most popular sites which may have been compromised by the RIG exploit kit. jQuery …
Darren Pauli, 24 Sep 2014

Hackers use DRAFT emails as dead-drops for running malware

Sneaky hackers are using Gmail and Yahoo! drafts to control compromised devices, with the tactic designed to make detection of malware-related communications more difficult to pick up in enterprise environments. Attacks occur in two phases. Hackers first infect a targeted machine via simple malware that installs Python onto the …
John Leyden, 06 Nov 2014

Researcher details how malware gives AV the slip

Researcher James Wyke has discovered throw-off tactics used by malware to frustrate investigators. These tactics were part of a suite of impressive methods VXers used to find technical artifacts that could help them distinguish between computers belonging to victims and those used by malware researchers. While malware writers …
Darren Pauli, 26 Aug 2014

Dirtbags dressed up malware as legit app using Sony crypto-certs

Miscreants were quick to capitalize on the theft of Sony's cryptographic certificates – used to sign a software nasty to make it look legit. An analysis of malware dubbed Destover was published by Kaspersky Lab on Tuesday, and shows the code was signed using a private certificate belonging to Sony to evade malware filters. …
Iain Thomson, 10 Dec 2014

IEEE expands malware initiatives

Standards body the IEEE has launched two new anti-malware initiatives designed to help software and security vendors spot malware that's been inserted into other software, and improve the performance of malware detection by cutting down on false positives. The organisation's Anti-Malware Support Service (AMSS) is designed to …

Watch this! The changing face of malware

Video The anti-malware software industry seems to be fighting a losing battle, with Symantec even declaring antivirus "dead". In this online tutorial Darryl MacGregor, principal technologist for information security at IT training biz QA, discusses the best strategies for protecting your information assets in the near …
David Gordon, 21 May 2014

Backoff malware attacks hit 'more than 1,000 big businesses', warns US government

A Point-of-Sale malware attack that struck shipping outfit UPS has compromised the networks of a "significant" number of major businesses in the US, according to the country's Homeland Security office. The US administration's Computer Emergency Readiness Team (CERT) advised administrators and operators of PoS systems to …
Kelly Fiveash, 23 Aug 2014

Kaspersky exposes SONY-CRIPPLING malware DETAILS

Kaspersky bod Kurt Baumgartner has released more details on the Sony-plundering malware and links it to attacks on Saudi Aramco and South Korea. Research conducted in the wake of the epic Sony breach last month had connected those behind the attack known as the Guardians of Peace (GOP) with the 2012 hacking of Saudi Aramco by ' …
Darren Pauli, 08 Dec 2014

15 MEEELLION malware-infested mobiles worldwide – report

Incidences of malicious software (malware) being identified on mobile devices rose 17% in the first half of this year, according to a new study. A report by French communications giant Alcatel-Lucent estimated that approximately 15 million mobile devices worldwide could be infected with malware. The report said that the mobile …
OUT-LAW.COM, 09 Sep 2014

Apple blats WireLurker OS X, iOS malware – but fanbois aren't safe yet

It appears the WireLurker malware threatening Macs, iPads and iPhones has, for now, been partially neutralized. Apple told The Reg it has revoked a previously legit cryptographic certificate the malware was using to sign itself: this certificate tricked iOS devices into trusting and installing WireLurker's malicious apps. Now …
Shaun Nichols, 07 Nov 2014

Home Depot: 56 million bank cards pwned by malware in our tills

Home Depot today admitted 56 million bank cards are at risk after they were used in malware-infected tills. The DIY giant on Thursday revealed that a software nasty infiltrated its PC-powered registers between April and September in the US and Canada. Cards swiped through the compromised machines could be accessed by the malware …
Shaun Nichols, 18 Sep 2014

Fifteen countries KO'd in malware one-two punch

Someone suspected to be backed by a nation state is attacking embassies of former Soviet states with a malware tool that has infiltrated networks across more than 15 countries. Hacked embassies of unnamed former Soviet states include those located in: France; Belgium; Ukraine; China; Jordan; Greece; Kazakhstan; Armenia; Poland, …
Darren Pauli, 12 Aug 2014

Chinese cops cuff teen over Heart App Android malware flap

Chinese authorities have arrested a 19-year-old suspected of unleashing a fast spreading strain of malware that infects Android smartphones. Police told Chinese newspapers including Sina.com that "Li", a 19-year-old software engineering student, was cuffed in Shenzhen on suspicion of creating the Heart App Android malware within …
John Leyden, 12 Aug 2014

Microsoft releases free anti-malware for Azure VMs

Free anti-malware software is not hard to find: even reputable vendors offer product at the low, low, price of $0.00 for client devices. Microsoft is now doing the same for servers – or at least for virtual machines in its Azure cloud with a new offering called (deep breath now) Microsoft Antimalware for Azure Cloud Services and …
Simon Sharwood, 06 Nov 2014

Google makes malware microscope Mac mod

Google has upgraded its popular VirusTotal analysis tool by adding a Mac OS malware uploader in a bid to better understand increasing attacks against Cupertino's fruity 'puters. The tool has been made available for OS X 10.8 and 10.9. Malware and suspicious URL samples uploaded to VirusTotal are checked against 52 anti-malware …
Darren Pauli, 27 May 2014

Windows Registry-infecting malware has no files, survives reboots

Researchers have detailed a rare form of Windows malware that maintains infection on machines and steals data without installing files. The malware resides in the computer registry only and is therefore not easy to detect. Its code reaches machines through a malicious Microsoft Word document before creating a hidden encoded …
Darren Pauli, 04 Aug 2014

Intruder alert: Cyber thugs are using steganography to slip in malware badness

Common or garden cybercrooks have taken to using steganography – the art of hiding secret information within another image or message file – to run a click-fraud scam. Steganography has long been the stuff of spy trade-craft and cypherpunk novels, but now cybercrooks have made the practice downmarket by applying it to the Lurk …
John Leyden, 08 Aug 2014

Attackers raid SWISS BANKS with DNS and malware bombs

Attackers suspected of residing in Russia are raiding Swiss bank accounts with a multi-faceted attack that intercepts SMS tokens and changes domain name system settings, researchers have warned. The attacks sported a clever implementation of malware that pointed victim machines to replica phishing bank sites when they attempt to …
Darren Pauli, 23 Jul 2014

Researchers warn of resurgent Sefnit malware

A malware infection which drew headlines in January has returned and is using new techniques to infect and spread amongst users. Known as Sefnit, the botnet infection was spotted in September of 2013 and triggered alarms earlier this year when researchers warned that millions of systems were likely infected with the malware. …
Shaun Nichols, 29 Apr 2014

Secluded HijackRAT: Monster mobile malware multitool from HELL

Cybercrooks have brewed up a malicious Android app that bundles a raft of banking fraud tricks into a single strain of mobile malware. The Secluded HijackRAT is a banking trojan that packs together new and previously unseen tricks, according to net security firm FireEye. The mobile nasty combines private data theft, banking …
John Leyden, 03 Jul 2014

CoolReaper pre-installed malware creates backdoor on Chinese Androids

Security researchers have discovered a backdoor in Android devices sold by Coolpad, a Chinese smartphone manufacturer. The “CoolReaper” vuln has exposed over 10 million users to potential malicious activity. Palo Alto Networks reckons the malware was “installed and maintained by Coolpad despite objections from customers”. It's …
John Leyden, 18 Dec 2014

Reddit users discover iOS malware threat

Users on a mobile phone hacking subreddit are being credited with the discovery of a malware infection targeting iOS users. The r/jailbreak community uncovered the infection while assisting a user who had been noticing unusual activity on his jailbroken iPhone. Known as 'Unflod Baby Panda', the infection targets jailbroken iOS …
Shaun Nichols, 18 Apr 2014

FBI warns of disk NUKE malware after Sony Pictures megahack

The FBI has alerted US businesses to data-wiping malware after hackers, possibly in North Korea, ransacked computers at Sony Pictures. The malicious software described in the Feds' warning is pretty close to the malware believed to have infiltrated Sony's network. Miscreants have leaked gigabytes of passwords, personal records, …
John Leyden, 02 Dec 2014

Droid malware cloak outwits Google Bouncer and friends

Google's Bouncer Android defence tool is one of a dozen malware detection platforms that can be flawlessly skirted by malware employing smarter heuristics, researchers have found. Malware kitted out with virtual machine detection functions and clever heuristics could bypass seemingly any detection platform on the market. …
Darren Pauli, 13 May 2014

Israel develops wireless-malware-injection-by-smartmobe tool

It's not the next Daniel Suarez plot; Israeli academics have developed software they say can use your mobile phone to detect electrical impulses, and foist malware to computers physically disconnected from any internet facing network. Ben Gurion University professor Yuval Elovici told The Times of Israel that his team …
Darren Pauli, 12 Jun 2014

Tor exit node mashes malware into downloads

A Tor exit node has been found slapping malware onto downloads as users exit the hidden network and enter the public web. Leviathan Security Group researcher Josh Pitts found the operator of the Russia-based node compromising binaries only a month after raising concerns of the possible attack. He created the Backdoor Factory …
Darren Pauli, 27 Oct 2014

Twitter 'news' spreads faster than Ebola #FakeCures #Malware

Updated Social media has become a conduit for the spread of fake cures and treatments for Ebola. As if that weren't bad enough, confusion about the epidemic is also being harnessed to push malware and other cybercrime scams, security watchers warn. The hoaxes began in the Twittersphere with the spread of false ways to treat Ebola. Late …
John Leyden, 20 Oct 2014

Sync'n'steal: Hackers brew Android-targeting Windows malware

Internet Igors have stitched together the first strain of Windows malware that can hop over and infect Android smartphones and tablets. The Droidpak mobile banking trojan exploits syncing between smartphones and Windows PCs to jump from a compromised PC onto an Android device. The Windows Trojan downloads a malicious .APK file …
John Leyden, 27 Jan 2014

NASDAQ IT security spend: $1bn. Finding mystery malware on its servers: Priceless

NASDAQ servers were infected by malware that exploited two mystery zero-day vulnerabilities, according to a magazine cover story published today. Despite spending a ton of money on computer security, the stock exchange was wide open to attack, we're told. Today's report pulls back the curtain to reveal a little more about …
Iain Thomson, 17 Jul 2014

Manic malware Mayhem spreads through Linux, FreeBSD web servers

Malware dubbed Mayhem is spreading through Linux and FreeBSD web servers, researchers say. The software nasty uses a grab bag of plugins to cause mischief, and infects systems that are not up to date with security patches. Andrej Kovalev, Konstantin Ostrashkevich and Evgeny Sidorov, who work at Russian internet portal Yandex, …
Iain Thomson, 18 Jul 2014

Malware analysts tell crooks to shape up and write decent code

Blackhats beware: reverse engineers are laughing at your buggy advanced persistent threat (APT) malware. You've done pretty well though: your custom payloads were effective at breaking into enterprises and the damage it did was quite devastating. But many were being found and added to anti-malware signatures all too quickly. …
Darren Pauli, 10 Oct 2014

New fear: ISIS killers use 'digital AK-47' malware to hunt victims

Malware has emerged from war-torn Syria targeting those protesting the rule of ISIS (ISIL, Islamic State, whatever the murderous humanity-hating fanatics are calling themselves these days.) The trivial Windows spyware, analyzed by University of Toronto internet watchdog Citizen Lab, was sent out in a small number of emails aimed …
Iain Thomson, 18 Dec 2014

Malware-as-a-service picks Android apart

Quite possibly the most expensive and capable Android malware the world has yet seen is for sale at $US5000 on underground markets, replete with software-as-a-service support. The iBanking malware has evolved from a simple SMS-stealer to a highly capable application that records audio within the range of a device's microphone, …
Darren Pauli, 22 May 2014

Another RAT crawls out of the malware drain

Yet another banking trojan has appeared, using browser hooking to steal data from Internet Explorer, Chrome and Firefox users. Dyreza, or Dyre, is pitched the usual way, via a phishing e-mail (a lesson that's never learned well enough for the approach to fail), and the e-mail contains what purports to be a zipped document that …

Malware gets your Android blabbering to HACKERS

Researchers from the Chinese University of Hong Kong have developed bizarre malware that dictates contacts, emails and other sensitive text data in order to steal it. In the novel attack a seemingly innocuous app that required no permissions called a bad guy's phone number and blabbered the stolen data out of the speakers and …
Darren Pauli, 29 Jul 2014

PC-infecting chat demon quotes THE BIBLE to summon malware plague

A new Trojan that distributes itself through Facebook instant messaging and Yahoo! Messenger has claimed hundreds of victims. Computer systems have been infected by the software nasty in the UK, Germany, France, Denmark, Romania, the US and Canada during the past week or so, according to Romanian antivirus firm Bitdefender. …
John Leyden, 27 May 2014

Revealed: Malware that forces weak ATMs to spit out 'ALL THE CASH'

Video Thieves are sneaking malware dubbed Tyupkin into ATMs to force them to cough millions of dollars, we're told. The crims don't need to use stolen or cloned cards. Instead, fraudsters infect the ATM's on-board PC, and later type a special combination of digits on the PIN keypad to drain the machine of banknotes – that's according …
John Leyden, 08 Oct 2014

Leaked docs reveal power of malware-for-government product 'FinFisher'

A string of documents detailing the operations and effectiveness of the FinFisher suite of surveillance platforms appears to have been leaked. The documents, some dated 4 April this year, detail the anti-virus detection rates of the FinFisher spyware which German-based Gamma Group sold to governments and law enforcement agencies …
Darren Pauli, 05 Aug 2014

Google bakes W3C malware-buster into Gmail

If an online service offers even the slightest gap through which miscreants can launch an attack, they will do so. It's therefore not surprising that Google feels some extensions to its Gmail service may not be entirely friendly to users. The Chocolate Factory's response, announced Tuesday, is to adopt the W3C's Content …
Simon Sharwood, 17 Dec 2014

How to marry malware to software downloads in an undetectable way (Hint: Please use HTTPS)

Be thankful it's only a proof-of-concept of a hack: German researchers have shown that internet software distribution mechanisms can be turned into virus vectors, without modifying the original code. The Ruhr University boffins – Felix Gröbert, Ahmad-Reza Sadeghi and Marcel Winandy – have developed an on-the-fly mechanism for …

Yes, there is now BITCOIN-MINING MALWARE for Android

Bitcoin mining on low-powered devices these days is a bad idea, to say the least. As cryptocurrency blockchains grow more complex, even high-powered dedicated mining rigs are having trouble effectively mining coins. Your smartphone, therefore, is going to be about as useful for mining Bitcoin as a soup ladle is for mining actual …
Shaun Nichols, 25 Apr 2014

Microsoft's anti-malware crusade knackers '4 MILLION' No-IP users

Microsoft has won a court order to gain control of 23 No-IP domains owned by dynamic DNS (DDNS) provider Vitalwerks Internet Solutions. The US software giant claimed the domains were being used by malware developed in the Middle East and Africa. Vitalwerks operates its No-IP DDNS service from Nevada, and there is no suggestion …
Iain Thomson, 01 Jul 2014

Android is a BURNING 'hellstew' of malware, cackles Apple's Cook

WWDC Apple CEO Tim Cook took a few minutes of his two-hour keynote at Apple's Worldwide Developers Conference (WWDC) on Monday morning in San Francisco to stick his thumb in Android's eye. "Over 130 million customers who bought an iOS device in the past 12 months were buying their first Apple device," Cook told the 6,000 developers …
Rik Myslewski, 02 Jun 2014

Cisco: Hey, IT depts. You're all malware hosts

Everybody – at least every multinational that Cisco checked out for its 2014 Annual Security Report – is hosting malware of some kind, and there aren't enough security professionals to go around. Along with its Managed Threat Defense service launched this week, Cisco also launched the latest publication (here with registration) …